qa1-content-delivery.usbank.com
2600:141b:1c00:16::17c4:32a  Public Scan

Submitted URL: https://qa1-content-delivery.usbank.com/
Effective URL: https://qa1-content-delivery.usbank.com/index.html
Submission: On September 19 via automatic, source certstream-suspicious — Scanned from CA

Summary

This website contacted 9 IPs in 2 countries across 6 domains to perform 17 HTTP transactions. The main IP is 2600:141b:1c00:16::17c4:32a, located in Secaucus, United States and belongs to AKAMAI-ASN1, NL. The main domain is qa1-content-delivery.usbank.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on June 13th 2024. Valid for: a year.
This is the only time qa1-content-delivery.usbank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2600:141b:1c0... 20940 (AKAMAI-ASN1)
6 23.49.248.4 20940 (AKAMAI-ASN1)
3 2600:9000:251... 16509 (AMAZON-02)
1 2 34.192.60.23 14618 (AMAZON-AES)
1 104.18.10.213 13335 (CLOUDFLAR...)
1 52.1.232.220 14618 (AMAZON-AES)
1 63.140.38.183 14618 (AMAZON-AES)
2 2 3.218.1.240 14618 (AMAZON-AES)
2 2600:9000:220... 16509 (AMAZON-02)
1 52.3.163.60 14618 (AMAZON-AES)
17 9
Apex Domain
Subdomains
Transfer
9 usbank.com
qa1-content-delivery.usbank.com
smetrics.usbank.com — Cisco Umbrella Rank: 32107
33 KB
4 glancecdn.net
www.glancecdn.net — Cisco Umbrella Rank: 6486
storage.glancecdn.net — Cisco Umbrella Rank: 10332
14 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 256
usbank.demdex.net — Cisco Umbrella Rank: 25762
2 KB
3 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1445
39 KB
1 glance.net
www.glance.net — Cisco Umbrella Rank: 11196
720 B
1 quantummetric.com
cdn.quantummetric.com — Cisco Umbrella Rank: 2599
244 KB
17 6
Domain Requested by
8 qa1-content-delivery.usbank.com 1 redirects qa1-content-delivery.usbank.com
3 tags.tiqcdn.com qa1-content-delivery.usbank.com
tags.tiqcdn.com
2 storage.glancecdn.net
2 www.glancecdn.net 2 redirects
2 dpm.demdex.net 1 redirects qa1-content-delivery.usbank.com
1 www.glance.net cdn.quantummetric.com
1 smetrics.usbank.com tags.tiqcdn.com
1 usbank.demdex.net tags.tiqcdn.com
1 cdn.quantummetric.com tags.tiqcdn.com
17 9

This site contains no links.

Subject; Issuer; Validity; Valid
qa1-content-delivery.usbank.com; Entrust Certification Authority - L1K; 2024-06-13 - 2025-06-13; a year
tags.tiqcdn.com; Amazon RSA 2048 M02; 2024-03-19 - 2025-04-17; a year
quantummetric.com; WE1; 2024-08-12 - 2024-11-10; 3 months
*.demdex.com; DigiCert Global G2 TLS RSA SHA256 2020 CA1; 2023-09-26 - 2024-10-26; a year
smetrics.usbank.com; Entrust Certification Authority - L1K; 2024-02-20 - 2025-03-20; a year
*.glance.net; DigiCert Global G2 TLS RSA SHA256 2020 CA1; 2024-07-30 - 2025-03-30; 8 months

This page contains 2 frames:

Primary Page: https://qa1-content-delivery.usbank.com/index.html
Frame ID: DE3C42441615EDBE4A07C96ACBB5A486
Requests: 16 HTTP requests in this frame

Frame: https://usbank.demdex.net/dest5.html?d_nsid=0
Frame ID: 9CC8EC4739462B5664C1F541A9855D3B
Requests: 1 HTTP requests in this frame

Page Title

Online Banking

Page Statistics

Requests: 17
HTTPS: 82 %
IPv6: 30 %
Domains: 6
Subdomains: 9
IPs: 9
Countries: 2
Transfer: 329 kB
Size: 1338 kB
Cookies: 18

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://qa1-content-delivery.usbank.com/ HTTP 302
    https://qa1-content-delivery.usbank.com/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1726759975160 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1726759975160
Request Chain 13
  • https://www.glancecdn.net/cobrowse/CobrowseJS.ashx?group=19921&site=production HTTP 302
  • https://storage.glancecdn.net/cobrowse/js/GlanceCobrowseLoader_6.17.0M.js
Request Chain 14
  • https://www.glancecdn.net/cobrowse/js/GlancePresenceVisitor_6.17.0M.js HTTP 301
  • https://storage.glancecdn.net/cobrowse/js/GlancePresenceVisitor_6.17.0M.js

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.html
qa1-content-delivery.usbank.com/
Redirect Chain
  • https://qa1-content-delivery.usbank.com/
  • https://qa1-content-delivery.usbank.com/index.html
4 KB
2 KB
Document
General
Full URL
https://qa1-content-delivery.usbank.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:16::17c4:32a Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
68384a5874377d36e39bc0f591110227f7ca2c1651128868d83420abaaffe38f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=93600
cache-control
max-age=600
content-encoding
gzip
content-length
1315
content-type
text/html
date
Thu, 19 Sep 2024 15:32:54 GMT
etag
"3dde40f10b3e29df319de1f43a80c5fc:1712005567.509151"
last-modified
Mon, 01 Apr 2024 21:05:39 GMT
server-timing
cdn-cache; desc=HIT edge; dur=340 ak_p; desc="1726759974086_398721578_3153538266_35212_25528_29_0_255";dur=1
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=0
content-length
0
date
Thu, 19 Sep 2024 15:32:54 GMT
location
https://qa1-content-delivery.usbank.com/index.html
server-timing
cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1726759973513_398721578_3153537420_30_125978_23_363_255";dur=1
universal.css
qa1-content-delivery.usbank.com/
120 KB
21 KB
Stylesheet
General
Full URL
https://qa1-content-delivery.usbank.com/universal.css
Requested by
Host: qa1-content-delivery.usbank.com
URL: https://qa1-content-delivery.usbank.com/index.html
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.49.248.4 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-248-4.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ca4bc138daaf1e418c2149b8ab5ea3b60aa27e2b14ed46a2db9369d621f268bc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://qa1-content-delivery.usbank.com/index.html

Response headers

cache-control
max-age=604800
content-encoding
gzip
etag
"84b093ebc2befffe4e68b6136112a9bc:1711050538.488194"
quic-version
0x00000001
accept-ranges
bytes
server-timing
cdn-cache; desc=HIT, edge; dur=155, ak_p; desc="1726759974134_388502276_321917410_15510_21515_-_-_-";dur=1
alt-svc
h3=":443"; ma=93600
content-length
21315
date
Thu, 19 Sep 2024 15:32:54 GMT
content-type
text/css
last-modified
Thu, 21 Mar 2024 19:48:58 GMT
vary
Accept-Encoding
utag.js
tags.tiqcdn.com/utag/usbank/olbcustomer/prod/
134 KB
37 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/usbank/olbcustomer/prod/utag.js
Requested by
Host: qa1-content-delivery.usbank.com
URL: https://qa1-content-delivery.usbank.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:e800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80fae86c00d6155b33554314843cf751803121b01db291d0c62c0772a839768d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://qa1-content-delivery.usbank.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=300
content-encoding
br
etag
W/"bd357753534ad0cd06d134dcbf532357"
x-amz-version-id
Hk63BQbx_vuwjCvrKdTl5Ik.wbuh84Xe
age
141
via
1.1 4229f114865802c4acd3e785fddcbf9c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
uxAnItbVbtzB4PSG8dXZtSNnwJlA3uGHHLV5g_v6Jgy-aAEBODkXQA==
date
Thu, 19 Sep 2024 15:30:34 GMT
content-type
application/javascript
last-modified
Fri, 05 May 2023 21:36:29 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
x-amz-server-side-encryption
AES256
USBank-logo-siteheader.png
qa1-content-delivery.usbank.com/
2 KB
2 KB
Image
General
Full URL
https://qa1-content-delivery.usbank.com/USBank-logo-siteheader.png
Requested by
Host: qa1-content-delivery.usbank.com
URL: https://qa1-content-delivery.usbank.com/index.html
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.49.248.4 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-248-4.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3c1cd3cff95b57f04ca3c77715c262b6b516dbac16d71f927ad7eef7615e766b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://qa1-content-delivery.usbank.com/index.html

Response headers

cache-control
max-age=2592000
etag
"d1fa32389f4ea67402f8604e2e646dac:1711050538.072464"
quic-version
0x00000001
accept-ranges
bytes
server-timing
cdn-cache; desc=HIT, edge; dur=136, ak_p; desc="1726759974756_388502276_321917412_13630_13271_-_-_-";dur=1
alt-svc
h3=":443"; ma=93600
content-length
2484
date
Thu, 19 Sep 2024 15:32:54 GMT
content-type
image/png
last-modified
Thu, 21 Mar 2024 19:48:58 GMT
all-of-us-serving-you-header.png
qa1-content-delivery.usbank.com/
3 KB
3 KB
Image
General
Full URL
https://qa1-content-delivery.usbank.com/all-of-us-serving-you-header.png
Requested by
Host: qa1-content-delivery.usbank.com
URL: https://qa1-content-delivery.usbank.com/index.html
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.49.248.4 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-248-4.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
13190f2a3ceb6a9d2764c19fea2dda0cbd3143b4ce1a67fdfc6cc158e8f2e49a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://qa1-content-delivery.usbank.com/index.html

Response headers

cache-control
max-age=2592000
etag
"85e50c7c0d8e4a0fa3d48f20c3d5ac84:1711050538.134309"
quic-version
0x00000001
accept-ranges
bytes
server-timing
cdn-cache; desc=HIT, edge; dur=68, ak_p; desc="1726759975019_388502276_321917579_6775_8387_-_-_-";dur=1
alt-svc
h3=":443"; ma=93600
content-length
2966
date
Thu, 19 Sep 2024 15:32:55 GMT
content-type
image/png
last-modified
Thu, 21 Mar 2024 19:48:58 GMT
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1726759975160
  • https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1726759975160
1 KB
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1726759975160
Requested by
Host: qa1-content-delivery.usbank.com
URL: https://qa1-content-delivery.usbank.com/index.html
Protocol
H2
Server
34.192.60.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-60-23.compute-1.amazonaws.com
Software
/
Resource Hash
779b0dfc6fdc9033f87383848005dff249302fedfdad18789fc7cdee2590e1a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://qa1-content-delivery.usbank.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs
dcs-prod-va6-1-v064-01d815503.edge-va6.demdex.com 9 ms
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
x-tid
HXXl5rDpTng=
expires
Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin
https://qa1-content-delivery.usbank.com
content-length
655
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Thu, 19 Sep 2024 15:32:55 GMT
content-type
application/json;charset=utf-8
vary
Origin

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
location
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1726759975160
dcs
dcs-prod-va6-1-v064-048882f75.edge-va6.demdex.com 0 ms
pragma
no-cache
access-control-allow-credentials
true
x-tid
BZ618bqhSLI=
expires
Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin
https://qa1-content-delivery.usbank.com
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Thu, 19 Sep 2024 15:32:55 GMT
vary
Origin
quantum-usbank.js
cdn.quantummetric.com/qscripts/
1 MB
244 KB
Script
General
Full URL
https://cdn.quantummetric.com/qscripts/quantum-usbank.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/usbank/olbcustomer/prod/utag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.213 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73ab9253bb4dbb3b0794cde177397978e15f3f15fd0d24ad42bfcf798bafc7c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options no-sniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://qa1-content-delivery.usbank.com/

Response headers

strict-transport-security
max-age=31536000
x-robots-tag
noindex
cache-control
public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
content-encoding
gzip
cf-cache-status
HIT
etag
W/"172675474803317266724932361726732802487"
age
15
x-content-type-options
no-sniff
cf-ray
8c5aa1954badabc7-YYZ
access-control-allow-origin
*
date
Thu, 19 Sep 2024 15:32:55 GMT
content-type
text/javascript
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
utag.8.js
tags.tiqcdn.com/utag/usbank/olbcustomer/prod/
3 KB
1 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/usbank/olbcustomer/prod/utag.8.js?utv=ut4.46.202305052135
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/usbank/olbcustomer/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:e800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
38b6c6958e588f2af1ee3b1b3a82d0b30c0e862dc5854fcfeca43c92b19d9b2c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://qa1-content-delivery.usbank.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=1296000
content-encoding
br
etag
W/"966a74c0c001ebc6ecf50157d31d8f08"
x-amz-version-id
3n2EdwrV_8pG41YuCewYMJraCUaN9NtO
via
1.1 4229f114865802c4acd3e785fddcbf9c.cloudfront.net (CloudFront)
x-cache
RefreshHit from cloudfront
x-amz-cf-id
0bM-86i2ffxcDGVhkj1gWxN6hNKt2vnr-jlbtvb3jlebLBcoTiVaxg==
date
Thu, 19 Sep 2024 15:32:56 GMT
content-type
application/javascript
last-modified
Fri, 05 May 2023 21:36:29 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
x-amz-server-side-encryption
AES256
bgnd-page-topshields.png
qa1-content-delivery.usbank.com/
4 KB
4 KB
Image
General
Full URL
https://qa1-content-delivery.usbank.com/bgnd-page-topshields.png
Requested by
Host: qa1-content-delivery.usbank.com
URL: https://qa1-content-delivery.usbank.com/universal.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.49.248.4 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-248-4.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2fb10240ee76a6df4311725cf04f41a967617686ec0c13f76370ef95351ea1fd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://qa1-content-delivery.usbank.com/universal.css

Response headers

cache-control
max-age=2592000
etag
"52fe8cb925985b549bcb2cb522c2bdb3:1711050538.210507"
quic-version
0x00000001
accept-ranges
bytes
server-timing
cdn-cache; desc=HIT, edge; dur=110, ak_p; desc="1726759975199_388502276_321917684_11029_12659_-_-_-";dur=1
alt-svc
h3=":443"; ma=93600
content-length
3612
date
Thu, 19 Sep 2024 15:32:55 GMT
content-type
image/png
last-modified
Thu, 21 Mar 2024 19:48:58 GMT
bgnd-navbar-gradient.png
qa1-content-delivery.usbank.com/
175 B
197 B
Image
General
Full URL
https://qa1-content-delivery.usbank.com/bgnd-navbar-gradient.png
Requested by
Host: qa1-content-delivery.usbank.com
URL: https://qa1-content-delivery.usbank.com/universal.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.49.248.4 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-248-4.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2a1746415c9c0ef09a37e8726fa8103da3671fd5b7f0834ac9051eec4d108088

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://qa1-content-delivery.usbank.com/universal.css

Response headers

cache-control
max-age=2592000
etag
"478c7d746f6b3cc5296c543c8d092568:1711050538.092912"
quic-version
0x00000001
accept-ranges
bytes
server-timing
cdn-cache; desc=HIT, edge; dur=41, ak_p; desc="1726759975212_388502276_321917686_4087_12460_-_-_-";dur=1
alt-svc
h3=":443"; ma=93600
content-length
175
date
Thu, 19 Sep 2024 15:32:55 GMT
content-type
image/png
last-modified
Thu, 21 Mar 2024 19:48:58 GMT
utag.v.js
tags.tiqcdn.com/utag/tiqapp/
2 B
432 B
Script
General
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=usbank/olbcustomer/202305052135&cb=1726759975263
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/usbank/olbcustomer/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:e800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://qa1-content-delivery.usbank.com/

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
etag
"7bc0ee636b3b83484fc3b9348863bd22"
age
550
x-cache
Hit from cloudfront
x-amz-cf-id
FTWtMWk_m3CnVZoHMhKTRdMIBVLA8v2ied1DmB02cihUYnkiqqDxXg==
date
Thu, 19 Sep 2024 15:23:46 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
cache-control
max-age=300
via
1.1 4229f114865802c4acd3e785fddcbf9c.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
2
x-amz-cf-pop
JFK50-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
dest5.html
usbank.demdex.net/ Frame 9CC8
0
0
Document
General
Full URL
https://usbank.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/usbank/olbcustomer/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.1.232.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-232-220.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://qa1-content-delivery.usbank.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 19 Sep 2024 15:32:55 GMT
dcs
dcs-prod-va6-2-v064-00e4767d3.edge-va6.demdex.com 0 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Mon, 19 Aug 2024 12:40:01 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
wgaRnCg5TRw=
id
smetrics.usbank.com/
48 B
469 B
XHR
General
Full URL
https://smetrics.usbank.com/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=675616D751E567410A490D4C%40AdobeOrg&mid=05046801852874451484196488687475166159&ts=1726759975570
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/usbank/olbcustomer/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.38.183 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-38-183.data.adobedc.net
Software
jag /
Resource Hash
a78e3145428c6497310c482151009e816c640e3b56aa450edde1cfb529194077
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://qa1-content-delivery.usbank.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://qa1-content-delivery.usbank.com
p3p
CP="This is not a P3P policy"
content-length
48
date
Thu, 19 Sep 2024 15:32:55 GMT
x-xss-protection
1; mode=block
content-type
application/x-javascript;charset=utf-8
vary
Origin
server
jag
favicon.ico
qa1-content-delivery.usbank.com/
10 B
29 B
Other
General
Full URL
https://qa1-content-delivery.usbank.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.49.248.4 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-248-4.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
493fda53120050f85836032324409be6c6484f90a0755ae0c6a673ba7626818b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://qa1-content-delivery.usbank.com/index.html

Response headers

accept-ranges
bytes
cache-control
max-age=2592000
server-timing
cdn-cache; desc=HIT, edge; dur=75, ak_p; desc="1726759976181_388502276_321918389_7488_9590_-_-_-";dur=1
content-length
10
alt-svc
h3=":443"; ma=93600
date
Thu, 19 Sep 2024 15:32:56 GMT
quic-version
0x00000001
GlanceCobrowseLoader_6.17.0M.js
storage.glancecdn.net/cobrowse/js/
Redirect Chain
  • https://www.glancecdn.net/cobrowse/CobrowseJS.ashx?group=19921&site=production
  • https://storage.glancecdn.net/cobrowse/js/GlanceCobrowseLoader_6.17.0M.js
13 KB
6 KB
Script
General
Full URL
https://storage.glancecdn.net/cobrowse/js/GlanceCobrowseLoader_6.17.0M.js
Protocol
H2
Server
2600:9000:2209:a400:d:addc:2400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
23bfc6fe9e661fab5685eb0060b116644fd1cc2a58c1ff197d8966f70b0d8ffc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://qa1-content-delivery.usbank.com/

Response headers

content-encoding
gzip
etag
W/"4d0e72a0976ebcbfeef4c2808b68b9a4"
x-amz-version-id
5MPHBkGdocNgKiu0OFIqc6hyI0dqYrI_
age
11475903
access-control-allow-methods
GET
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
6GqdFO44cqfBCUQTKi5ybW4hQrN94IkdUzv1EWqftGNJAlSzyh3tBA==
date
Thu, 09 May 2024 19:47:55 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 08 Feb 2024 15:19:13 GMT
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31556926
via
1.1 d7202b57803815a076179b3bb9bbd766.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
EWR53-P1
server
AmazonS3
x-amz-server-side-encryption
AES256

Redirect headers

cache-control
max-age=3600
location
https://storage.glancecdn.net/cobrowse/js/GlanceCobrowseLoader_6.17.0M.js
access-control-allow-origin
*
content-length
190
date
Thu, 19 Sep 2024 15:32:58 GMT
content-type
text/html; charset=utf-8
x-powered-by
ASP.NET
server
Microsoft-IIS/10.0
GlancePresenceVisitor_6.17.0M.js
storage.glancecdn.net/cobrowse/js/
Redirect Chain
  • https://www.glancecdn.net/cobrowse/js/GlancePresenceVisitor_6.17.0M.js
  • https://storage.glancecdn.net/cobrowse/js/GlancePresenceVisitor_6.17.0M.js
19 KB
7 KB
Script
General
Full URL
https://storage.glancecdn.net/cobrowse/js/GlancePresenceVisitor_6.17.0M.js
Protocol
H2
Server
2600:9000:2209:a400:d:addc:2400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aaabf258ddfe039bd4fe5a1fe9fc57be924c9459acb506b0d0b4cca7ba5f30eb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://qa1-content-delivery.usbank.com/

Response headers

content-encoding
gzip
etag
W/"396c1742ecabff1bdcaeeab9fa027890"
x-amz-version-id
nhL2BXhjNK29B2gwSn3.jOReN3ttYSPI
age
11475743
access-control-allow-methods
GET
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
ZW42k5_ltaHt-qR76QdBHuIEjZm5CP5ednihgmTKA1CwBowGnai4xQ==
date
Thu, 09 May 2024 19:50:36 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 08 Feb 2024 15:19:13 GMT
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31556926
via
1.1 d7202b57803815a076179b3bb9bbd766.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
EWR53-P1
server
AmazonS3
x-amz-server-side-encryption
AES256

Redirect headers

access-control-allow-origin
*
location
https://storage.glancecdn.net/cobrowse/js/GlancePresenceVisitor_6.17.0M.js
content-length
197
date
Thu, 19 Sep 2024 15:32:58 GMT
content-type
text/html; charset=UTF-8
x-powered-by
ASP.NET
server
Microsoft-IIS/10.0
GetVisitorSettings3
www.glance.net/services/authorizationservice/
281 B
720 B
XHR
General
Full URL
https://www.glance.net/services/authorizationservice/GetVisitorSettings3?groupid=19921&site=production&service=presence
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-usbank.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.163.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-163-60.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
87534f7b11a9f31aeb0f49e32413cc812e4695a9e9704da2c95b78544a18b8ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://qa1-content-delivery.usbank.com/

Response headers

access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
expires
Thu, 19 Sep 2024 15:33:19 GMT
date
Thu, 19 Sep 2024 15:32:59 GMT
content-type
application/json; charset=utf-8
last-modified
Thu, 19 Sep 2024 15:32:19 GMT
vary
*
access-control-allow-headers
Content-Type, Accept
strict-transport-security
max-age=31536000
cache-control
public, max-age=20
access-control-allow-origin
*
content-length
281
x-xss-protection
1; mode=block
origin-agent-cluster
?0
x-powered-by
ASP.NET
server
Microsoft-IIS/10.0

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
function| Animation
object| utag_data
object| utag
function| e
object| daePrivacy
object| publisherFW
object| utag_cfg_ovrd
object| adobe
function| Visitor
object| s_c_il
number| s_c_in
object| visitor
object| currentTime
number| year
function| activateCobrowse
function| QuantumMetricInstrumentationStart
object| QuantumMetricAPI
object| QuantumMetricAPI_usbank
function| qmConsoleError
function| qmWaitForEventData
boolean| qmStorageAvail
function| createSample
function| evalSelector
function| qmSetCookie
function| toLowerCase
function| qmGetValFromDL
function| qmFindObject
object| GLANCE_COBROWSE
object| GLANCE

18 Cookies

Domain/Path Name / Value
.usbank.com/ Name: ak_bmsc
Value: E6ED8D6B0AA52BA200D63588D7EE5287~000000000000000000000000000000~YAAQKgLEFx7C78GRAQAAPDbqChmsxhqPPYWyEXcUEdM6puGs8wZLMrjTPJc7zGL96npZR/Xyo/e9Ci4ewIF+p4PVTTM7yRQf65+yAdwNbAL9051bz21J8JynDGrUHnGI0P/GVsohhtzdMdBY67AGTl+JpkX7kcdSOKodSeTGuSoAhbSI9EqrqDtfDVHWSuVNdoWU/8y7MwZRcD/IEnOUXje4xOU4Ag+9LN4saKuSk3JIq/luAVnQVFxbFfxMJC7G5naCiHqTJfCISpCtr35Xt1qWcqIH66nrdSJun0i8GKc1itMe2aR14f1oVWYxV/4Go40urziLZXIpliLdxwRNb/qQPrQM5d9tmz2ucR0b9+yCOZjyk/HdzIqiYIJuiexbZnBh6q66BkRanJcgEQkyTGU=
.usbank.com/ Name: utag_main
Value: v_id:01920aea38a600211ca3ca3b05bc05065003205d00b08$_sn:1$_se:1$_ss:1$_st:1726761775085$ses_id:1726759975085%3Bexp-session$_pn:1%3Bexp-session
.demdex.net/ Name: demdex
Value: 05352139730595543724202247179203628311
.usbank.com/ Name: AMCVS_675616D751E567410A490D4C%40AdobeOrg
Value: 1
.usbank.com/ Name: s_ecid
Value: MCMID%7C05046801852874451484196488687475166159
.usbank.com/ Name: AMCV_675616D751E567410A490D4C%40AdobeOrg
Value: 1585540135%7CMCIDTS%7C19986%7CMCMID%7C05046801852874451484196488687475166159%7CMCAAMLH-1727364775%7C7%7CMCAAMB-1727364775%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1726767175s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C4.4.0
.rlcdn.com/ Name: rlas3
Value: jUNdjLlCNlI2z0zV2fhHX/txztVGc2Ttz0VSo/4NPrs=
.rlcdn.com/ Name: pxrc
Value: CKiIsbcGEgUI6AcQABIGCPHrARAA
.doubleclick.net/ Name: IDE
Value: AHWqTUm0zIvlxog7uJ-me52IAtmJ1aVuVF4CnLZr0pcnnbg1gpB39Zq_wsn2qSVW9kc
.demdex.net/ Name: dextp
Value: 60-1-1726759976077|771-1-1726759976223|1123-1-1726759976350|903-1-1726759976460|1957-1-1726759976569|129099-1-1726759976673
.dpm.demdex.net/ Name: dpm
Value: 05352139730595543724202247179203628311
.twitter.com/ Name: personalization_id
Value: "v1_jXlNObTl8RlxDsx2tWGljA=="
.adsrvr.org/ Name: TDID
Value: fdbe3e7e-0510-4046-95d2-f9242ee98073
.adsrvr.org/ Name: TDCPM
Value: CAESEgoDYWFtEgsIktba5cuyrD0QBRgFIAEoAjILCOL4gZHisqw9EAU4AQ..
.bing.com/ Name: MUID
Value: 0A6686F8486864333DA09207495365B1
.c.bing.com/ Name: MR
Value: 0
.rkdms.com/ Name: sc
Value: 3%3A120240
.rkdms.com/ Name: sessionid
Value: h-8963266cccf74156933b500ba352b077_t-1726759977

1 Console Messages

Source Level URL
Text
network error URL: https://qa1-content-delivery.usbank.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
